Home/ Questions/Q 8381919
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T16:48:17+00:00

Basically I have a login system with basic session functionality, and it times out

  • 0

Basically I have a login system with basic session functionality, and it times out on browser close. I’ve been getting complaints on that so I want to be able to have some click the remember tick and have their session last for say, 30 days.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Set a cookie at the same time you’re setting the $_SESSION['user_id'] for instance. Like this :

    $token = hash('md5',$_SESSION['user_id'] . time() . 'salt');
setcookie('token', $token, time() + (3600 * 24 * 30));
setcookie('user_id', $_SESSION['user_id'], time() + (3600 * 24 * 30)); // Cookie expires in 30 days

    Save $token in DB in user_id row.

    Then you set the $_SESSION['user_id'] for users with cookies saved so they don’t have to sign in the normal way:

    if (!isset($_SESSION['user_id']) {

    if (isset($_COOKIE['user_id']) && isset($_COOKIE['token']) {

       $saved_token = SELECT token FROM users table WHERE userID = $_COOKIE['user_id'];
         if ($_COOKIE['token'] == $saved_token) { 
         $_SESSION['user_id'] = $_COOKIE['user_id'];
       } else log out
       }
}  else log out
}
}

    Maybe that works better security wise?

    • 0